Scribd
Upload
80 views8 pages

DevSecOps Platform Template

The document outlines a framework for a DevSecOps platform and lists various artifacts and processes. It includes sections on image management, logging/monitoring/alerting, patch management, platform governance, change management, development/testing/operations, deployment, accounts/credentials/secrets, availability/performance, networking, authority to operate, backups, and agreements/financials. Each section lists titles, links, types and owners for different artifacts related to that section.

Uploaded by

Quân - VCCloud Đinh Công
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
80 views8 pages

DevSecOps Platform Template

The document outlines a framework for a DevSecOps platform and lists various artifacts and processes. It includes sections on image management, logging/monitoring/alerting, patch management, platform governance, change management, development/testing/operations, deployment, accounts/credentials/secrets, availability/performance, networking, authority to operate, backups, and agreements/financials. Each section lists titles, links, types and owners for different artifacts related to that section.

Uploaded by

Quân - VCCloud Đinh Công
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 8

GSA - DevSecOps Platform Framework Template

A. Overarching DevSecOps Platform Considerations:

Artifact Type: Platform Description

Title: Link: Owner:

Ex. Document Title Ex. Sample Link Ex.

Artifact Type: Platform Responsibilities

Title: Link: Owner:

Ex. Document Title Ex. Sample Link Ex.

B. Image Management

Artifact Type: Image Repository

Title: Link: Owner:

Ex. Repository Name Ex. Link to Repository Ex.

Artifact Type: Process for Adding New Images

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code, Checklist, Ex.


Name or SOP
Artifact Type: Process for Instantiating a New Instance from an Image

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code, Checklist, Ex.


Name or SOP

C. Logging, Monitoring, and Alerting

Artifact Type: Guide to Application Owner Access

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code or Document Ex.


Name

D. Patch Management

Artifact Type: Process for Patching a Running System

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code, Checklist, Ex.


Name or SOP

Artifact Type: Process for Introducing a Path into the Platform

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code, Checklist, Ex.


Name or SOP

E. Platform Governance
Artifact Type: Change Proposal Intake Process

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Intake Form, Ex.


Name Process Description,
or SOP

Artifact Type: Change Proposal Evaluation Process

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Process Ex.


Name Description, or SOP

Artifact Type: Change Proposal Execution Process

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code, Process Ex.


Name Description, or SOP

F. Change Management

Artifact Type: Version Control Repository

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Open Source Ex.


Name

Artifact Type: Version Control Standards for Branching, Merging, and More

Title: Link: Type: Owner:


Ex. Document Ex. Sample Link Ex. Open Source Ex.
Name

G. Application Development, Testing, and Operations

Artifact Type: Developer Environment

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code, Checklist, Ex.


Name or SOP

Artifact Type: Operational Procedures for Updating Running System

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code, Checklist, Ex.


Name or SOP

Artifact Type: Testing Tools Usable by Developers

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code Ex.


Name

Artifact Type: Testing Standards Best Practices for the Platform

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code, Checklist, Ex.


Name or SOP
H. Application Deployment

Artifact Type: Deployment Pipeline

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Link to Running Ex.


Name Pipeline, Code,
Checklist, or SOP

Artifact Type: Deployment Playbook

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code, Checklist, Ex.


Name or SOP

I. Accounts, Privileges, Credentials, and Secrets Management

Artifact Type: User Onboarding and Offboarding Guides

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code, Checklist, Ex.


Name or SOP

Artifact Type: IAM Definitions

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code and/or Ex.


Name Documentation
Artifact Type: Secret Management Practices

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Tools and/or Ex.


Name Documentation

J. Availability and Performance Management

Artifact Type: Platform Availability Metrics

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code, Checklist, Ex.


Name or SOP

Artifact Type: Guide to Configuring Availability for Applications

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code, Checklist, Ex.


Name or SOP

Artifact Type: Catalog or Document Method of Performance Information

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code, Checklist, Ex.


Name or SOP

K. Network Management

Artifact Type: Network Structure Definition


Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code, Checklist, Ex.


Name or SOP

Artifact Type: Request Process for Network Changes

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code, Checklist, Ex.


Name or SOP

L. Authority to Operate Processes

Artifact Type: Process for Achieving an ATO

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code, Checklist, Ex.


Name or SOP

Artifact Type: Templates for ATO Artifacts

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code Ex.


Name [OpenControl] or
document template

M. Backup and Data Lifecycle Management

Artifact Type: Documentation on Use of Backup and Data Lifecycle Management


Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code, Checklist, Ex.


Name or SOP

N. Agreements and Financial Management

Artifact Type: Links to Spending Dashboards

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code, Checklist, Ex.


Name or SOP

Artifact Type: Process for Onboarding

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code, Checklist, Ex.


Name or SOP

Artifact Type: Process for Allocating Budget

Title: Link: Type: Owner:

Ex. Document Ex. Sample Link Ex. Code, Checklist, Ex.


Name or SOP

You might also like